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DETAILED ACTION 

i> Claims 1-59 are presented for examination. 



Claim Rejections - 35 USC § 112 

2> The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming 
the subject matter which the applicant regards as his invention. 



3> Claims 4, 5, 11, 33-36 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

a. Claim 4 is rejected for lacking proper antecedent basis: "the first server" and 
"the second server". 

b. Claim 5 is rejected for lacking proper antecedent basis: "the second server". 

c. Claim 11 is rejected for lacking proper antecedent basis: "the act of generating 
an interface". 

d. Claims 33-36 are rejected for being improperly dependant on a succeeding 
claim: claims 33 and 36 are dependant on claim 36 and claims 34 and 35 are dependant 
on claim 37. 



Claim Rejections - 35 USC § 102 

4> The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another 
filed in the United States before the invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the invention by the applicant for patent, 
except that an international application filed under the treaty defined in section 351(a) shall have the effects 
for purposes of this subsection of an application filed in the United States only if the international 
application designated the United States and was published under Article 21(2) of such treaty in the English 
language. 

5> Claims 1-3, 5-10, 14-18, 21-29 and 44-50 rejected under 35 U.S.C § 102(e) as being 
anticipated by Fuh et al, U.S Patent No. 6.463.474 ["Fuh"]. 

6> As to claim 1, Fuh discloses a method for providing a first network resource access to 
a second network resource, comprising: 

receiving profile data [column 5 «lines 5'7»]; 

generating temporary credentials for accessing the second network resource using the 
profile data [column 13 «lines 47'5i»]; and 

providing the first network resource with the temporary credentials [column 13 «lines 
44-59» : Fuh's firewall and "temporary entries" being placed in the access lists]. 

7> As to claim 2, Fuh discloses the method of claim 1 further comprising the act of 
invalidating the temporary credentials following a termination event [column 14 «lines 43- 
4 8»]. 

8> As to claim 3, Fuh discloses the method of claim 2 wherein the termination even 
involves the lapse of a set time period [column 14 «lines 43-48»]. 
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9> As to claim 5, Fuh discloses the method of claim 1 wherein the act of generating 
temporary credentials includes generating temporary credentials that provide limited access 
to the second server [column 14 «lines 43'48»]. 

io> As to claim 6, Fuh discloses a method for accessing a data service, comprising: 

instructing a client to provide profile data to an identification service, the 
identification service having access to one or more profiles used to access one or more data 
services, the profile data identifying a particular profile [column 8 «lines 4~6» | column 12 
«lines 27'38» : Fuh's AAA server being analogous to an identification service]; 
receiving profile data [column 5 «lines 5'7»]; 

generating temporary credentials for accessing the second network resource using the 
profile data [column 13 «lines 47'5i»]; and 

providing the first network resource with the temporary credentials [column 13 «lines 
44'59» : Fuh's firewall and "temporary entries" being placed in the access lists]. 

n> As to claim 7, Fuh discloses the method of claim 6, wherein the act of instructing the 
client includes providing a user interface that includes instruction to send profile data to the 
identification service, and sending the interface to the client [column 11 «lines 49'67»]. 
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I2> As to claim 8, Fuh discloses the method of claim 6, wherein the act of instructing the 
client comprises redirecting the client to the identification service [Figure 3 «item 210, 2i8» : 
router redirects the client to the AA server]. 



I3> As to claims 9 and 10, as they do not teach or further define over the claimed 
limitations of claims 2 and 5, respectively, they are rejected for the same reasons set forth for 
claims 2 and 5, supra. 

I4> As to claim 14, Fuh discloses a method for accessing a data service, comprising: 

receiving, from a client, a request to direct an application [column 9 «lines I2-I4»]; 
instructing a client to provide profile data to an identification service, the 
identification service having access to one or more profiles used to access one or more data 
services, the profile data identifying a particular profile [column 8 «lines 4~6» | column 12 
«lines 2y38» : Fuh's AAA server being analogous to an identification service]; 
receiving profile data [column 5 «lines 5'7»]; 

generating temporary credentials for accessing the second network resource using the 
profile data [column 13 «lines 47'5i»]; and 

providing the first network resource with the temporary credentials [column 13 «lines 
44-59» : Fuh's firewall and "temporary entries" being placed in the access lists]. 



I5> As to claims 15-18, as they do not teach or further define over the claimed limitations, 
they are rejected for the same reasons set forth for claims 7-10, supra. 
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i6> As to claims 21-25, as they are mediums that execute the steps of the method of claims 
1-5, respectively, they do not teach or further define over the claimed limitations. Therefore 
claims 21-25 are rejected for the same reasons set forth for claims 1-5, supra. 

I7> As to claims 26-29, as they are mediums that execute the steps of the method of claims 
7-10 respectively, they do not teach or further define over the claimed limitations. Therefore 
claims 26-29 are rejected for the same reasons set forth for claims 6-10, supra. 

i8> As to claim 44, Fuh discloses a system for providing a first server with access to a 
second server, comprising: 

an identification service in communication with a credential module [Figure 4 «item 
218 and 400» where : Fuh's Auth proxy is analogous to a credential module and his AA server 
is analogous to an identification service], the credential module operable to use a profile 
acquired by the identification service to generate temporary credentials for accessing the 
second server [Figure 4 «item 220» | column 4 «lines I4'2i»], the identification service being 
operable to receive profile data, to acquire a profile identified by the profile data [column 4 
«lines I4'2i» | column 12 «lines 33'37»], and to provide the first server with the temporary 
credentials generated by the credential module [column 4 «line 62» to column 5 «line io» 
where : Fuh's temporary entries are provided to the router]. 
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i9> As to claims 45-48, as they are mediums that execute the steps of the method of claims 
2-5, respectively, they do not teach or further define over the claimed limitations. Therefore 
claims 45-48 are rejected for the same reasons set forth for claims 2-5, supra. 

20> As to claim 49, Fuh discloses a system for accessing a data service comprising: 

an identification service operable to receive profile data identifying a particular profile 
and to provide that profile, the profile to contain electronic data used to identify the data 
service [column 8 «lines 30~35» | column 12 «lines 32'38»]; 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service identified by 
the profile [column 10 «lines I2-I9» | column 12 «lines 4i~47» | column 14 «lines 6o-67»]; and 

an application server operable to serve an interface containing instructions to send 
profile data to the identification service, to obtain the temporary credentials, and to access 
the data service with the temporary credentials [column 9 «lines 3i-63» where : Fuh's router 
is analogous to an application server in that it serves the interface, and uses the temporary 
entries generated by his module to access the target server (data service)]. 

2i> As to claim 50, Fuh discloses the system of claim 49 further comprising the act of 
invalidating the temporary credentials following a termination event [column 14 «lines 43- 
4 8»]. 
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Claim Rejections - 35 USC § 103 

22> The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

23> Claims 4, 11, 12, 19, 30, 32-42, 51, 54~56, 58 and 59 are rejected under 35 U.S.C § 103(a) as 
being unpatentable over Fuh, in view of Routtenberg et al, U.S Patent Publication No. 
2002I0049717 Ai ["Routtenberg"]. 

24> As to claim 4, Fuh does not explicitly disclose the termination event involving a first 
server accessing the second server. 

25> In the same field of invention, Routtenberg discloses a method for providing a first 
network resource temporary access to a second network resource [abstract], comprising the 
act of invalidating the temporary access following a termination event involving the first 
server accessing the second server [0035 : "access the files only a predetermined number of 
times ,, ]. It would have been obvious to one of ordinary skill in the art to incorporate 
Routtenberg's termination event into Fuh's resource access method to enable administrators 
in Fuh's system with more control over user accesses. Such an implementation would allow 
administrators to provide limited access to files. 
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26> Claims 11 and 12 are rejected under 35 U.S.C § 103(a) as being unpatentable over Fuh, 
in view of Win et al, U.S Patent No. 6.453.353 ["Win"]. 



27> As to claim 11, Fuh does not explicitly disclose the method of claim 6 wherein the act 
of generating an interface includes generating a framed web page having a first frame and a 
second frame, the method further comprising providing, for the first frame, content for 
directing an application, and providing, for the second frame, content for selecting one or 
more electronic files managed by the data service identified by the specified profile. 

28> In the same field of invention, Win discloses wherein the act of generating an 
interface includes generating a framed web page having a first frame and a second frame, the 
method further comprising providing, for the first frame, content for directing an 
application, and providing, for the second frame, content for selecting one or more electronic 
files managed by the data service identified by the specified profile [column 5 «lines 44~46» | 
column 6 «lines io-i6» | column 12 «lines 3-8» where : Win's roles are analogous to user 
profiles. And Win does not explicitly disclose that the two functionalities are split amongst 
two frames but does disclose that the user options are presented in a personalized HTML 
menu. Frames are ubiquitous in the art and therefore would be expected in Win's HTML 
pages]. It would have been obvious to one of ordinary skill in the art to have incorporated 
Win's personalized HTML menu into Fuh's resource accessing system to provide users with 
a list of resources that they are able to access so they cannot access resources that are not 
allocated to their particular user profile. 
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29> As to claim 12, Fuh does not explicitly disclose the method wherein the act of sending 
the profile data includes sending a cookie identifying the particular profile upon opening the 
framed web page. 

30> Cookies are common and well known in the art for saving user information. For 
example, Win discloses the act of sending the profile data includes sending a cookie 
identifying the particular profile upon opening the framed web page, [column 8 «lines 23~3i» 
I column 10 «lines 5i - 54»]. It would have been obvious to one of ordinary skill in the art to 
incorporating cookies into Fuh's resource accessing system to allow user information to be 
stored on the computer thus enabling several functionalities such as secure logon [Win, 
column 8 «lines 28-30»] and enhanced security [Win, column 11 «lines io-20»]. 

3i> As to claims 19 and 30, as they do not teach or further define over the claimed 
limitations, they are rejected for the same reasons set forth for claim 11. 

32> As to claim 32, Fuh discloses a computer readable medium having instructions for: 
providing a client device with profile data identifying a created profile [column 12 
«lines 27'36»]; 

upon receiving profile data, retrieving a profile identified by the profile data received 
[column 12 «lines 36-47»]; 
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generating temporary credentials for accessing the data service identified by the 
retrieved profile [column 14 «lines 6-ii»]j and 

providing an application server with temporary credentials [column 14 «lines 6-i8»]. 

Fuh does not explicitly disclose generating an interface having user accessible controls 
for creating a profile for accessing a data service and creating a profile according to selections 
made through the interface. 

33> For the same field of invention, Win discloses an interface having user accessible 
controls for creating a profile for accessing a data service and creating a profile according to 
selections made through the interface [column 13 «line 40» to column 17 «line 38» where : 
Win's roles are analogous to user profiles]. It would have been obvious to one of ordinary 
skill in the art to incorporate Win's administrative user profile interface into Fuh's user 
profile functionality to allow administrators the ability to refine and have complete control 
over the privileges and access of the users within the system. Such an implementation would 
enhance the security of the resource accessing system. 

34> As to claims 33-36, as they are claims to a medium that execute the steps of the 
method of claims 2-5 respectively, they do not teach or further define over the claimed 
limitations. Therefore claims 33-36 are rejected for the same reasons set forth for claims 2-5. 



35> As to claim 37, Fuh does not explicitly disclose instructions for providing a client 
device with profile data comprise instructions for generating a cookie containing data 
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identifying the created profile and instructing a web browser operating on the client to save 
the cookie. 

36> Win discloses instructions for providing a client device with profile data comprise 
instructions for generating a cookie containing data identifying the created profile and 
instructing a web browser operating on the client to save the cookie [Figure 5C]. It would 
have been obvious to one of ordinary skill in the art to incorporating cookies into Fuh's 
resource accessing system to allow user information to be stored on the computer thus 
enabling several functionalities such as secure logon [Win, column 8 «lines 28-3o»] and 
enhanced security [Win, column 11 «lines io-20»]. 



37> As to claim 38, Fuh discloses a computer readable medium having instructions for: 
providing a client device with profile data identifying a created profile [column 12 
«lines 27'36»]; 

receiving a request to access an application [column 9 «lines I2-I4»]; ^ 
instructing a client to send profile data [Figure 4 «item 403»]; 
receiving profile data [Figure 4 «item 404»]; 

retrieving a profile identified by the profile data [column 12 «lines 36-47»]; 
generating temporary credentials for accessing the data service identified by the 
retrieved profile [column 14 «lines 6-n»]; and 

providing an application server with temporary credentials [column 14 «lines 6-i8»]. 



Application/Control Number: 10/085,971 Page 1 

Art Unit: 2152 

Fuh does not explicitly disclose generating an interface having user accessible controls for 
creating a profile for locating and accessing a data service and creating a profile according to 
selections made through the interface. 

38> For the same field of invention, Win discloses an interface having user accessible 
controls for creating a profile for locating and accessing a data service and creating a profile 
according to selections made through the interface [column 13 «line 40» to column 17 «line 
38» where : Win's roles are analogous to user profiles]. It would have been obvious to one of 
ordinary skill in the art to incorporate Win's administrative user profile interface into Fuh's 
user profile functionality to allow administrators the ability to refine and have complete 
control over the privileges and access of the users within the system. Such an 
implementation would enhance the security of the resource accessing system. 

39> As to claims 39-41, as they are claims to mediums that execute the steps of the method 
of claims 7, 8 and 10, they do not teach or further define over the claimed limitations. 
Therefore claims 39-41 are rejected for the same reasons set forth for claims 7, 8 and 10. 

40 As to claim 42, as it is a claim to a medium that executes the steps of the method of 
claim 11, it does not teach or further define over the claimed limitations. Therefore, claim 42 
is rejected for the same reasons set forth for claim 11. 



As to claim 51, Fuh does not explicitly disclose: 
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an application content provider in communication with the application server and 
operable to generate content for directing an application; and 

a data content provider in communication with the application server and operable to 
generate content for selecting electronic files managed by the accessed data service. 

42> Win discloses: 

an application content provider in communication with the application server and 
operable to generate content for directing an application [Figure 4 «item 4I2» | column 9 
«lines 28-29»]; and 

a data content provider in communication with the application server and operable to 
generate content for selecting electronic files managed by the accessed data service [Figure 4 
«item 2o8» | column 3 «lines 36-40»]. 

It would have been obvious to one of ordinary skill in the art to have incorporated 
Win's content providers into Fuh's resource management system to enable users with a 
personalized display of available resources with which they can direct. Such an enhancement 
provides users of Fuh's system with a tailored menu and thus a more streamlined experience. 

43> As to claim 54, Fuh discloses a system for accessing a data service comprising: 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service identified by 
the profile [column 10 «lines I2-I9» | column 12 «lines 4i"47» | column 14 «lines 6o-67»]; and 
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an application server operable to serve an application interface that includes 
instructions to send profile data to the identification service, to obtain the temporary 
credentials, and to access the data service with the temporary credentials [column 9 «lines 31- 
63» where : Fuh's router is analogous to an application server in that it serves the interface, 
and uses the temporary entries generated by his module to access the target server (data 
service)]. 

Fuh does disclose an identification service that issues instructions to store profile data 
used to access a profile, receiving profile data identifying a particular profile and to provide 
that profile [column 8 «lines 28~37» | column 14 «lines 6o-67»], but does not explicitly 
disclose that the ID service generates a profile interface having user accessible controls for 
creating a profile containing electronic data used to identify the data service. 



44> Win discloses an identification service operable to generate a profile interface having 
user accessible controls for creating a profile containing electronic data used to identify the 
data service and to create a profile using selections made through the profile interface [Figure 
10A I column 13 «line 40» to column 17 «line 38»], It would have been obvious to one of 
ordinary skill in the art to incorporate Win's administrative user profile interface into Fuh/s 
user profile functionality to allow administrators the ability to refine and have complete 
control over the privileges and access of the users within the system. Such an 
implementation would enhance the security of the resource accessing system. 
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45> As to claims 55 and 56, as they not teach or further define over the limitations of 
claims 50 and 51 respectively, they are rejected for the same reasons set forth for claims 50 and 
5i- 

46> As to claim 58, Fuh discloses the system of claim 54 further comprising a browser 
operable to request and display the profile and application interfaces [Figure 4 «item 304»], 

47> As to claim 59, as it is a claim to a system that contains the functionality of the 
medium of claim 38, it does not teach or further define over the claimed limitations. 
Therefore, claim 59 is rejected for the same reasons set forth for claim 38, supra. 

48> Claims 13, 20, 31, 43, 52, 53, and 57 are rejected under 35 U.S.C § 103(a) as being 
unpatentable over Fuh and Win, in further view of Curtin, "A Failure to Communicate: 
When a Privacy Seal doesn't help" ["Curtin"]. 

49> As to claim 13, Fuh and Win do disclose a request including a cookie identifying a 
particular profile [Win, column 10 «lines 5i-54»] but do not disclose including instructions to 
request a web bug from the identification service, and wherein the act of sending the profile 
data includes requesting the web.bug. 

50> Curtin discloses including instructions to request a web bug from the identification 
service, and wherein the act of sending the profile data includes requesting the web bug [see 
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1.4 "Web Bugs" and "B. TheCounter.com Tracking Code" page 7]. Curtin discloses the use 
of the web bug to allow for web sites to track and monitor the actions of users in an almost 
invisible manner. Therefore, it would have been obvious tq one of ordinary skill in the art to 
incorporate Curtin's web bug functionality into Fuh and Win's resource accessing system to 
allow administrators access to user activity. Such a functionality would enable 
administrators the ability profile users and keep track of their use of web servers [see Curtin, 
2.2.2 Profiling Capability and 1.4 Web Bugs]. 

5i> As to claims 20 and 31, as they do not teach or further define over the claimed 
limitations, they are rejected for the same reasons set forth for claim 13. 

52> As to claim 43, as it is a claim to a medium that executes the steps of the method of 
claim 13, it does not teach or further define over the claimed limitations. Therefore, claim 43 
is rejected for the same reasons set forth for claim 13. 

53> As to claims 52, 53 and 57, as it is does not teach or further define over the combined 
limitations of claims 11 and 13, claims 52, 53 and 57 are also rejected for the same (combined) 
reasons set forth for claims 11 and 13, supra. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 
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U.S Patent No. 6.055.637 to Hudson et al; 
U.S Patent No. 6.539.481 to Takahashi et al. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
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organization where this application or proceeding is assigned is 703-872-9306. 
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applications may be obtained from either Private PAIR or Public PAIR. Status information 
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access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
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